KVM Enhancements in Linux 6.8
Changes to KVM virtualization in the upcoming 6.8 version of the Linux kernel include many new features and improvements. These changes are set to enhance the support for confidential VMs and bring various enhancements for KVM on different architectures.
Some of notable changes in the Linux 6.8 KVM include:
- Improved support for confidential VMs: With the introduction of the
KVM_SET_MEMORY_ATTRIBUTES
ioctl
, user-space can now specify per-page attributes for guest memory. This feature is particularly useful for confidential and secure VMs that utilize technologies such as AMD SEV-SNP, TDX, and ARM pKVM. - Software-protected VMs on x86: The KVM on x86 architecture now supports “software-protected VMs,” which allows for testing new interfaces related to
guest_memfd
and page attributes. - Flush-by-ASID support: KVM now unconditionally advertises flush-by-ASID support for nSVM, enabling the latest versions of VMware Workstation to run smoothly on KVM.
- Linear Address Masking (LAM) for KVM guests: Linux 6.8 introduces support for LAM in KVM guests, enhancing the performance and security of virtualized environments.
CONFIG_KVM_HYPERV
option: A newKconfig
option,CONFIG_KVM_HYPERV
, allows users to disable KVM support for Microsoft Hyper-V emulation during the build process.- ARM64 LPA2 support: KVM now includes support for ARM64 LPA2, further expanding its capabilities on the ARM architecture.
- LSX/LAX SIMD CPU instructions on LoongArch: KVM on LoongArch architecture now allows for the LSX/LAX SIMD CPU instructions within KVM guest VMs.
Source: Phoronix.